Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(783)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/security_state/core/security_state_unittest.cc

Issue 2616553002: Remove obsolete SHA-1 UX elements (Closed)
Patch Set: Final nits Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/security_state/core/security_state.cc ('k') | components/security_state_strings.grdp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/security_state/core/security_state.h" 5 #include "components/security_state/core/security_state.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
108 net::CertStatus cert_status_; 108 net::CertStatus cert_status_;
109 bool displayed_mixed_content_; 109 bool displayed_mixed_content_;
110 bool ran_mixed_content_; 110 bool ran_mixed_content_;
111 MaliciousContentStatus malicious_content_status_; 111 MaliciousContentStatus malicious_content_status_;
112 bool displayed_password_field_on_http_; 112 bool displayed_password_field_on_http_;
113 bool displayed_credit_card_field_on_http_; 113 bool displayed_credit_card_field_on_http_;
114 }; 114 };
115 115
116 } // namespace 116 } // namespace
117 117
118 // Tests that SHA1-signed certificates expiring in 2016 downgrade the 118 // Tests that SHA1-signed certificates, when not allowed by policy, downgrade
119 // security state of the page. 119 // the security state of the page to DANGEROUS.
120 TEST(SecurityStateTest, SHA1Blocked) {
121 TestSecurityStateHelper helper;
122 helper.AddCertStatus(net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM);
123 helper.AddCertStatus(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT);
124 SecurityInfo security_info;
125 helper.GetSecurityInfo(&security_info);
126 EXPECT_TRUE(security_info.sha1_in_chain);
127 EXPECT_EQ(DANGEROUS, security_info.security_level);
128 }
129
130 // Tests that SHA1-signed certificates, when allowed by policy, downgrade the
131 // security state of the page to NONE.
120 TEST(SecurityStateTest, SHA1Warning) { 132 TEST(SecurityStateTest, SHA1Warning) {
121 TestSecurityStateHelper helper; 133 TestSecurityStateHelper helper;
122 SecurityInfo security_info; 134 SecurityInfo security_info;
123 helper.GetSecurityInfo(&security_info); 135 helper.GetSecurityInfo(&security_info);
124 EXPECT_EQ(DEPRECATED_SHA1_MINOR, security_info.sha1_deprecation_status); 136 EXPECT_TRUE(security_info.sha1_in_chain);
125 EXPECT_EQ(DANGEROUS, security_info.security_level); 137 EXPECT_EQ(NONE, security_info.security_level);
126 } 138 }
127 139
128 // Tests that SHA1 warnings don't interfere with the handling of mixed 140 // Tests that SHA1-signed certificates, when allowed by policy, don't interfere
129 // content. 141 // with the handling of mixed content.
130 TEST(SecurityStateTest, SHA1WarningMixedContent) { 142 TEST(SecurityStateTest, SHA1WarningMixedContent) {
131 TestSecurityStateHelper helper; 143 TestSecurityStateHelper helper;
132 helper.SetDisplayedMixedContent(true); 144 helper.SetDisplayedMixedContent(true);
133 SecurityInfo security_info1; 145 SecurityInfo security_info1;
134 helper.GetSecurityInfo(&security_info1); 146 helper.GetSecurityInfo(&security_info1);
135 EXPECT_EQ(DEPRECATED_SHA1_MINOR, security_info1.sha1_deprecation_status); 147 EXPECT_TRUE(security_info1.sha1_in_chain);
136 EXPECT_EQ(CONTENT_STATUS_DISPLAYED, security_info1.mixed_content_status); 148 EXPECT_EQ(CONTENT_STATUS_DISPLAYED, security_info1.mixed_content_status);
137 EXPECT_EQ(DANGEROUS, security_info1.security_level); 149 EXPECT_EQ(NONE, security_info1.security_level);
138 150
139 helper.SetDisplayedMixedContent(false); 151 helper.SetDisplayedMixedContent(false);
140 helper.SetRanMixedContent(true); 152 helper.SetRanMixedContent(true);
141 SecurityInfo security_info2; 153 SecurityInfo security_info2;
142 helper.GetSecurityInfo(&security_info2); 154 helper.GetSecurityInfo(&security_info2);
143 EXPECT_EQ(DEPRECATED_SHA1_MINOR, security_info2.sha1_deprecation_status); 155 EXPECT_TRUE(security_info2.sha1_in_chain);
144 EXPECT_EQ(CONTENT_STATUS_RAN, security_info2.mixed_content_status); 156 EXPECT_EQ(CONTENT_STATUS_RAN, security_info2.mixed_content_status);
145 EXPECT_EQ(DANGEROUS, security_info2.security_level); 157 EXPECT_EQ(DANGEROUS, security_info2.security_level);
146 } 158 }
147 159
148 // Tests that SHA1 warnings don't interfere with the handling of major 160 // Tests that SHA1-signed certificates, when allowed by policy,
149 // cert errors. 161 // don't interfere with the handling of major cert errors.
150 TEST(SecurityStateTest, SHA1WarningBrokenHTTPS) { 162 TEST(SecurityStateTest, SHA1WarningBrokenHTTPS) {
151 TestSecurityStateHelper helper; 163 TestSecurityStateHelper helper;
152 helper.AddCertStatus(net::CERT_STATUS_DATE_INVALID); 164 helper.AddCertStatus(net::CERT_STATUS_DATE_INVALID);
153 SecurityInfo security_info; 165 SecurityInfo security_info;
154 helper.GetSecurityInfo(&security_info); 166 helper.GetSecurityInfo(&security_info);
155 EXPECT_EQ(DEPRECATED_SHA1_MINOR, security_info.sha1_deprecation_status); 167 EXPECT_TRUE(security_info.sha1_in_chain);
156 EXPECT_EQ(DANGEROUS, security_info.security_level); 168 EXPECT_EQ(DANGEROUS, security_info.security_level);
157 } 169 }
158 170
159 // Tests that |security_info.is_secure_protocol_and_ciphersuite| is 171 // Tests that |security_info.is_secure_protocol_and_ciphersuite| is
160 // computed correctly. 172 // computed correctly.
161 TEST(SecurityStateTest, SecureProtocolAndCiphersuite) { 173 TEST(SecurityStateTest, SecureProtocolAndCiphersuite) {
162 TestSecurityStateHelper helper; 174 TestSecurityStateHelper helper;
163 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from 175 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from
164 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4 176 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4
165 const uint16_t ciphersuite = 0xc02f; 177 const uint16_t ciphersuite = 0xc02f;
(...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after
311 helper.GetSecurityInfo(&security_info); 323 helper.GetSecurityInfo(&security_info);
312 histograms.ExpectUniqueSample(kHistogramName, 2 /* HTTP_SHOW_WARNING */, 1); 324 histograms.ExpectUniqueSample(kHistogramName, 2 /* HTTP_SHOW_WARNING */, 1);
313 325
314 // Ensure histogram recorded correctly even without a password input. 326 // Ensure histogram recorded correctly even without a password input.
315 helper.set_displayed_password_field_on_http(false); 327 helper.set_displayed_password_field_on_http(false);
316 helper.GetSecurityInfo(&security_info); 328 helper.GetSecurityInfo(&security_info);
317 histograms.ExpectUniqueSample(kHistogramName, 2 /* HTTP_SHOW_WARNING */, 2); 329 histograms.ExpectUniqueSample(kHistogramName, 2 /* HTTP_SHOW_WARNING */, 2);
318 } 330 }
319 331
320 } // namespace security_state 332 } // namespace security_state
OLDNEW
« no previous file with comments | « components/security_state/core/security_state.cc ('k') | components/security_state_strings.grdp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698